170 likes | 403 Views
STRENGTHENING COOPERATION ON CYBER SECURITY WITHIN THE ASEAN REGION. The 4 th ARF Seminar on Cyber Terrorism Busan, Korea, 16 – 19 October 2007. The ASEAN Secretariat. ARF Cooperation on Cyber Security. First ARF Seminar on Cyber Terrorism, Jeju Island, October 2004
E N D
STRENGTHENING COOPERATION ON CYBER SECURITY WITHIN THE ASEAN REGION The 4th ARF Seminar on Cyber Terrorism Busan, Korea, 16 – 19 October 2007 The ASEAN Secretariat
ARF Cooperation on Cyber Security • First ARF Seminar on Cyber Terrorism, Jeju Island, October 2004 • Second ARF Seminar on Cyber Terrorism, Cebu City, the Philippines, October 2005 • Third ARF Workshop on Cyber Security, New Delhi, September 2006 • Fourth ARF Seminar on Cyber Terrorism, Busan, October 2007
Previous recommendations • Promote International and Inter-agency’s information sharing and cross-sectoral measures/activities • Networking and dialogue (contact person, web based, mailing list, phone/fax, etc.) • Working on and sharing guiding principles/ reference paper, best practices, case studies, technologies and solutions, etc. • Public-Private Partnership, e.g. the Social Corporate Responsibility, especially for the cross-border matters
ARF Statement on Cooperation in Fighting Cyber Attack and Terrorist Misuse of Cyber Space
Progress • ASEAN Convention on Counter-terrorism • Adopted by ASEAN Leaders in January 2007 in Cebu, the Philippines • The Convention includes Cyber-Terrorism in the areas of cooperation • ASEAN Focal Points for CERTs • ARF is working on the List of Contact Points • Network of Technical (Expert) Group • ASEAN WG on Information Infrastructure • Working on technical cooperation on N-SOC, Network Monitoring Centre • Capacity and confidence building activities
Work in Progress • Compilation of the national legislation on cyber terrorism (cyber security issues) • Mechanism for regional cooperation to combat cyber terrorism • ARF Centre on Counter Cyber-terrorism
ASEAN Cooperation in Policy and Regulation on Network and Information Security
Cooperation in Policy • ASEAN Telecommunications and IT Ministers and Senior Officials Meetings (TELMIN/ TELSOM) • Platform for cooperation initiatives amongst ASEAN Member Countries, Dialogue Partners/industries to further enhance the progress, readiness, and awareness of, amongst others, network and information security • TELSOM Working Group on Information Infrastructure • Technical knowledge and current challenges relating to the network and information security and available solutions • Operational activities and policy implementation
Achievement • Adoption of suitable international standards (e.g., telecommunications and cyber-security standards) • Put in place minimum performance guidelines for setting up National CERT • Put in place guidelines for implementation of CERT cooperation in ASEAN • Cooperation on Cyber-security skills • Encourage the development of National Security Operation Centre (N-SOC) and/or cooperation of the Network Monitoring Centre to proactively manage, monitor and facilitate cross border information sharing
Cooperation in Regulation • ASEAN Telecommunication Regulators Council (ATRC) • 2005 Framework on Cooperation of Network Security • ATRC Action Plan • ATRC Working Group on Network Security • Evaluation of preparedness and right to enforce against any network abuse • Establishment of an ASEAN liaison network • ASEAN-wide user education and awareness raising programs, technical solutions, periodic assessment, and • ATRC Internet Access Service Provider (IASP) Forum • International and regional cooperation
Multiplatform Cooperation • ASEAN+ Dialogue Partners: • CERT Incident Drills with Dialogue Partners • An expanded exercise from the ASEAN-wide CID in 2006 • The ASEAN + DPs CID on 16 July 2007 (ASEAN, China, Japan, Korea, India and Norway) • Capacity Building • Workshops, seminars and training courses and technical visits (China, Korea, Japan, and India) • ASEAN helps ASEAN • ASEAN+ other Organizations: • ASEAN+ APEC Workshop on Network Security at TEL 35, Manila - The Philippines, 24 April 2007 • Cooperation with ITU/APT • ASEAN+ Industry (MS, IBM, etc)
Multiplatform Cooperation • ASEAN+ China: • Emergency Response Contact Mechanism by end of 2007 • 1st CERTS Incidents Drill in 2007 (or 2008) • Coordination Framework for Network and Information Security Emergency Responses • China to join the ATRC Network Security Liaison Network (Point of Contacts) • ASEAN+ Japan: • a high-level meeting on ICT security issues in 2008 • ASEAN+ EU: • Propose a Workshop to discuss and exchange views on the EU Cyber-crime Convention.
Disaster Relief Communications • A regional proposal on common frequency for disaster relief communications in ASEAN Region • ATRC is working on common frequencies for disaster relief • ATRC will consider to propose and/or submit the proposal on a common set of frequencies for ASEAN Telecoms and IT Ministers (TELMIN) to further consider and/or adopt
Course of Actions • Conduct the Seminar on Cyber Terrorism on regular basis • Exchange of views and knowledge on regulations, cyber laws, and ICT Security Masterplan (Roadmap) • Establishment of the National Cyber Security Agency (NISA, KISA) • Complete the List of Focal Points of the ARF National Cyber Security Agencies • Further collaborate/cooperate within ARF Members and with other Int’l Organizations • Conduct technical training on technology and solutions for counter-measures • Sharing experience, model and benefit of the Public-Private Partnership (Gov’t-Business Forum on Cyber Security)
Contact Points ARF Unit: Mr. Pratap Parameswaran: pratap@aseansec.org Ms. Retno Astrini: retno.astrini@aseansec.org ICT Unit: Mr. Nguyen Ky Anh: kyanh@aseansec.org